Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/890e8f94-59ce-46fd-8868-0f944004ff36.roa
File:                     890e8f94-59ce-46fd-8868-0f944004ff36.roa (raw, json)
Hash identifier:          e675y8QdmD+ueL2leO6BD5NPr7iCmVBw6vtpaZw0CB0=
Subject key identifier:   CC:BB:9B:36:44:03:B5:BE:FB:B2:C4:FF:49:10:B5:AE:BE:38:DA:04
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       67410516C00972C27ACD9BBC4CF48F5567292AA3
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/890e8f94-59ce-46fd-8868-0f944004ff36.roa
Signing time:             Tue 11 Nov 2025 01:01:16 +0000
ROA not before:           Tue 11 Nov 2025 01:01:16 +0000
ROA not after:            Tue 16 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1f00:8190::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            67:41:05:16:c0:09:72:c2:7a:cd:9b:bc:4c:f4:8f:55:67:29:2a:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 11 01:01:16 2025 GMT
            Not After : Dec 16 23:59:59 2025 GMT
        Subject: serialNumber=0924e5938fb6ea070ccfad6d480f3aba69d01eae6ad6e2115ee2f24e25e2c060, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:de:41:55:f4:a8:b3:c0:e4:7c:e3:68:93:b2:
                    8d:83:53:1c:33:52:2d:c8:12:61:3f:36:55:ae:ec:
                    1b:bf:6a:fe:f4:c6:44:5a:fb:8c:18:2b:58:f6:34:
                    3b:0c:42:c3:b5:c6:09:aa:19:67:ea:85:1a:d1:1e:
                    93:74:bc:7f:f9:98:57:b3:41:59:31:ec:bd:7a:9d:
                    8f:de:cd:ff:f4:b3:c4:8a:2b:0c:68:63:9a:68:a7:
                    bf:79:0c:8b:de:c1:68:2d:9f:4b:50:03:d5:5f:4d:
                    22:0a:87:4b:84:78:0b:cb:46:19:05:93:30:3e:63:
                    e5:8c:32:09:97:6f:a1:73:d6:cd:2a:31:4f:1e:da:
                    95:70:e5:76:7a:0d:c1:75:9c:0d:fd:d8:77:de:75:
                    d9:d7:20:2a:ff:da:7c:d3:1c:35:61:4a:22:e1:30:
                    dc:e8:e2:45:81:9c:0f:fa:c2:a5:64:33:3c:82:22:
                    04:cf:e1:94:bb:5a:de:2b:e1:8f:57:5d:06:42:72:
                    37:21:17:e8:49:57:90:e0:6a:cb:9d:b9:65:56:dd:
                    25:9e:49:ac:d2:37:81:09:ef:7a:9e:f4:4c:37:43:
                    6d:dc:81:50:7f:f3:dc:13:17:50:b2:b2:0e:18:4c:
                    5a:b8:99:52:95:39:73:d5:69:af:92:a3:79:12:b0:
                    bc:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:BB:9B:36:44:03:B5:BE:FB:B2:C4:FF:49:10:B5:AE:BE:38:DA:04
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/890e8f94-59ce-46fd-8868-0f944004ff36.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1f00:8190::/48

    Signature Algorithm: sha256WithRSAEncryption
         42:c9:43:a6:6f:6e:5c:b3:1a:af:ca:fa:bc:75:a2:d4:2d:ec:
         48:f3:a5:49:25:13:b0:b6:7a:f8:5f:c4:a1:49:b4:67:3d:c1:
         5b:24:2a:90:3e:99:d3:0e:4d:ca:6d:3f:70:93:63:2e:98:bd:
         cb:28:a9:d5:15:4d:ca:2f:ed:d7:57:9b:db:6e:e9:b8:15:9a:
         ad:a4:81:4d:a8:74:bd:2d:dd:72:5a:d4:1e:01:2b:fe:87:63:
         9f:64:1a:74:6e:ba:74:74:82:69:11:68:a2:d9:3d:90:6d:9c:
         17:9a:3b:ff:38:53:46:2c:cd:26:1c:3f:f4:65:fd:e2:ed:db:
         83:3a:87:6d:73:7e:cc:c4:73:56:39:82:ed:2d:5d:5f:f7:dd:
         e0:ca:a6:79:7a:3d:aa:7d:4e:ad:b4:8a:27:88:cd:04:fd:fd:
         d7:5f:e0:53:00:12:db:60:ac:01:f9:10:4d:64:1a:0a:61:40:
         45:99:aa:6d:a3:4d:78:2e:9c:51:0d:d4:c5:e7:ce:de:6c:59:
         fb:17:d2:f5:e3:e1:bb:96:05:15:20:12:5e:46:4c:de:49:d0:
         97:bb:6b:21:76:ea:ec:7e:9f:85:3a:9c:1a:8c:6b:7b:39:dd:
         cb:ef:30:8e:46:fa:90:ff:a3:67:2d:0e:37:d4:89:c0:fe:cd:
         bf:1f:45:d4
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUZ0EFFsAJcsJ6zZu8TPSPVWcpKqMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTExMDEwMTE2WhcNMjUxMjE2MjM1OTU5
WjB6MUkwRwYDVQQFE0AwOTI0ZTU5MzhmYjZlYTA3MGNjZmFkNmQ0ODBmM2FiYTY5
ZDAxZWFlNmFkNmUyMTE1ZWUyZjI0ZTI1ZTJjMDYwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCL3kFV9KizwOR842iTso2DUxwzUi3IEmE/NlWu7Bu/av70
xkRa+4wYK1j2NDsMQsO1xgmqGWfqhRrRHpN0vH/5mFezQVkx7L16nY/ezf/0s8SK
KwxoY5pop795DIvewWgtn0tQA9VfTSIKh0uEeAvLRhkFkzA+Y+WMMgmXb6Fz1s0q
MU8e2pVw5XZ6DcF1nA392HfeddnXICr/2nzTHDVhSiLhMNzo4kWBnA/6wqVkMzyC
IgTP4ZS7Wt4r4Y9XXQZCcjchF+hJV5DgasuduWVW3SWeSazSN4EJ73qe9Ew3Q23c
gVB/89wTF1Cysg4YTFq4mVKVOXPVaa+So3kSsLyHAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUzLubNkQDtb77ssT/SRC1rr442gQwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzg5MGU4Zjk0LTU5Y2UtNDZmZC04ODY4LTBmOTQ0MDA0ZmYzNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB8AgZAwDQYJKoZIhvcNAQELBQADggEBAELJQ6ZvblyzGq/K+rx1otQt
7EjzpUklE7C2evhfxKFJtGc9wVskKpA+mdMOTcptP3CTYy6YvcsoqdUVTcov7ddX
m9tu6bgVmq2kgU2odL0t3XJa1B4BK/6HY59kGnRuunR0gmkRaKLZPZBtnBeaO/84
U0YszSYcP/Rl/eLt24M6h21zfszEc1Y5gu0tXV/33eDKpnl6Pap9Tq20iieIzQT9
/ddf4FMAEttgrAH5EE1kGgphQEWZqm2jTXgunFEN1MXnzt5sWfsX0vXj4buWBRUg
El5GTN5J0Je7ayF26ux+n4U6nBqMa3s53cvvMI5G+pD/o2ctDjfUicD+zb8fRdQ=
-----END CERTIFICATE-----